国产强伦姧在线观看无码,中文字幕99久久亚洲精品,国产精品乱码在线观看,色桃花亚洲天堂视频久久,日韩精品无码观看视频免费

逆向工程的基本原理

當(dāng)一個程序被創(chuàng)建時， 編譯器 會將程序的源代碼 編譯 成多個含有機(jī)器語言代碼的 對象檔案 。然后，這些 對象檔案 會被銜接在一起而產(chǎn)生最后的 可執(zhí)行 文檔。

圖 1: 編譯你的原代碼

當(dāng) 一個軟件破解者嘗試破解一個編譯過的程序時，他會使用反 編譯器 具將機(jī)器語言代碼反 編譯 成另一種更容易讓人明白的代碼（例如 匯編語言 或者一種更高級的 程序語言 ），然后對于這反 編譯 成的語言進(jìn)行研究。

圖 2: 對你的程序作反編譯

當(dāng) 一個軟件破解者對于目標(biāo)程序擁有很好的了解時，他可以更改這個編譯過的程序來改變它的運(yùn)行。例如 , 軟件破解者可以在程序里繞過一組用來檢驗(yàn)試用期限的 例程 ，使它可以運(yùn)作。更嚴(yán)重的是，軟件破解者可以使程序看來已經(jīng)經(jīng)過注冊那樣地來運(yùn)作。

代碼虛擬化和逆向工程的比較

代碼虛擬化主要是將一組 二元碼 轉(zhuǎn)化成另一種另一個機(jī)器才明白的 二元碼 。換句話說，一個特定機(jī)器的指令將被轉(zhuǎn)變成另一個機(jī)器的指令。下圖展示的是一組 Intel x86 指令轉(zhuǎn)變成另一個機(jī)器的指令（一個 32- 位的精簡指令集計(jì)算機(jī)的指令）

圖 3: Intel x86 指令轉(zhuǎn)變成 精簡指令集計(jì)算機(jī) 的指令

Code Virtualizer 可以產(chǎn)生多種擁有個別指令集的虛擬機(jī)器。 換句話說，一組特定的 Intel x86 指令可以在個別的機(jī)器里被轉(zhuǎn)變成各種不同的 指令集，以防 一個軟件破解者從中辨別任何所產(chǎn)生的虛擬碼。下圖展示了一組 Intel x86 指令如何可以被轉(zhuǎn)變成各種不同種類的虛擬機(jī)器所模擬的虛擬碼。

圖 4: x86 到多種虛擬 CPU 的轉(zhuǎn)化

當(dāng) 一個軟件破解者嘗試對一組受到 Code Virtualizer 保護(hù)的代碼進(jìn)行 反編譯時，他無法找到任何本來的 x86 指令，而只會發(fā)現(xiàn)一個他或其它特別的 反編譯器 *陌生的、新的指令集。這將迫使 軟件破解者使用非常多的努力來研究每一行的代碼的意思以及學(xué)習(xí)每一個受保護(hù)程序內(nèi)的虛擬機(jī)器的運(yùn)作原理。 Code Virtualizer 完*全地對虛擬碼的運(yùn)行以及個別虛擬機(jī)器的學(xué)習(xí)進(jìn)行了攪亂，以阻止任何人學(xué)習(xí)當(dāng)中的虛擬碼是如何運(yùn)作的。

現(xiàn)實(shí)生活上的代碼虛擬化

Code Virtualizer 可以被輕易地 內(nèi)嵌 進(jìn)你的 Win32 或 Win64 程序以及 驅(qū)動程序 里。你只需要在你的源代碼當(dāng)中選擇你要使用 Code Virtualizer 保護(hù)的代碼區(qū)。下面的例子展示你如何可以在 C 程序里保護(hù)一個特定的代碼區(qū)。

VIRTUALIZER_START/VIRTUALIZER_END 宏 都只是多余的 宏 ，它們不會對原來的程序的運(yùn)行有任何的影響。只有當(dāng)一個受保護(hù)的程序運(yùn)行進(jìn)入保護(hù)時段時， Code Virtualizer 可以辨認(rèn)這些受保護(hù)的程序區(qū)，然后將它們轉(zhuǎn)變成一個虛擬機(jī)器明白的虛擬代碼。

下圖展示了一個原來 編譯過的程序（在還沒有受保護(hù)時）以及當(dāng)它被 Code Virtualizer 保護(hù)時所經(jīng)過的 轉(zhuǎn)變。

圖 5: 原來的程序和受保護(hù)程序的比較

如圖所示， Code Virtualizer 需要將所產(chǎn)生的虛擬機(jī)器 內(nèi)嵌 進(jìn)受保護(hù)程序的末端，以便在程序運(yùn)行的時候可以對模擬運(yùn)行這些虛擬代碼。虛擬機(jī)器的 大小 可以相等于 10 Kb 到 30 Kb （大小取決于所選擇的復(fù)雜程度），對于最后所產(chǎn)生的受保護(hù)程序的大小沒有太大的影響。

結(jié)論

Code Virtualizer 是一個可以用來防止別人窺視你重要且敏感的程序的強(qiáng)大技術(shù) , 例如你用來檢驗(yàn)所輸入的注冊 序號 是否正確的 例程 。此外， Code Virtualizer 稍微改比變受保護(hù)程序里的 PE 標(biāo)頭 ，這意味著你可以在 Code Virtualizer 上置入一個 壓縮器 或另一個軟件保護(hù)層。

如果你是一個 驅(qū)動程序 的，而且為了找不到一個保護(hù) 驅(qū)動程序 的解決方案而煩惱， Code Virtualizer 提供你一種相同于保護(hù)你程序和 DLL 的技術(shù)來保護(hù)你的 驅(qū)動程序 （ 32- 位或者 64- 位）。

今天就嘗試 Code Virtualizer ，開始為你的 32- 位 /64- 位程序以及 驅(qū)動程序 里置入軟件保護(hù)業(yè)里的技術(shù)吧！

以下是 Code Virtualizer® 的主要特點(diǎn)：

• 使用多個虛擬機(jī)器進(jìn)行攪亂

• 對每個受保護(hù)程序進(jìn)行*的保護(hù)

• 保護(hù)任何的 x32 和 x64 程序以及 驅(qū)動程序

• *的變異引擎

• 代碼重組來保護(hù) DLLs 和 驅(qū)動程序

• 在*的虛擬機(jī)器里模擬任何 Intel x86 代碼

• 每個受保護(hù)程序里都有*的虛擬碼

• *兼容于任何的 壓縮器 / 軟件保護(hù)層

• 由指令列加載 的保護(hù)

Basics about Reverse Engineering

When an application is being created, the Compiler will compile the application source code into several object files made of machine language code. Afterward, the object files are linked together to create the final executable.

Figure 1: Compilation of your source code

When an attacker tries to crack a compiled application, he will use a decompiler tool which will decompile the machine language code into a more comprehensive code (like assembly code or a higher programming language), doing his research over the decompiled code.

Figure 2: Decompilation of your application

When the attacker has a good knowledge of the target application, he can modify the compiled application to alter its behavior. For example, the attacker could bypass the routine that checks for the trial period in an application and make it run forever, or, even worse, cause the application to behave as if it was registered.

Code Virtualization against Reverse Engineering

Code virtualization consists of the transformation of binary code from a specific machine into a different binary code that is understood by another machine. That is, the instruction set from a specific machine is converted into a new instruction set which is understood by a different machine. The following picture represents the transformation from a block of Intel x86 instructions into a new instruction set for another machine (specifically a RISC 32-bit CPU):

Figure 3: Transformation from x86 to RISC 32-bit CPU

Code Virtualizer can generate multiple types of virtual machines with a different instruction set for each one. This means that a specific block of Intel x86 instructions can be converted into different instruction set for each machine, preventing an attacker from recognizing any generated virtual opcode after the transformation from x86 instructions. The following picture represents how a block of Intel x86 instructions is converted into different kinds of virtual opcodes, which could be emulated by different virtual machines.

Figure 4: Transformation from x86 to multiple Imaginary CPUs

When an attacker tries to decompile a block of code that was protected by Code Virtualizer, he will not find the original x86 instructions. Instead, he will find a completely new instruction set which is not recognized by him or any other special decompiler. This will force the attacker to go through the extremely hard work of identifying how each opcode is executed and how the specific virtual machine works for each protected application. Code Virtualizer totally obfuscates the execution of the virtual opcodes and the study of each unique virtual machine in order to prevent someone from studying how the virtual opcodes are executed.

Code Virtualization in RealLife

Code Virtualizer can be embedded inside your Win32 and Win64 applications and device drivers with ease. You just need to select which areas in your source code are going to be protected by Code Virtualizer. The following example shows how you can protect a block of code in a C application.

The VIRTUALIZER_START/VIRTUALIZER_END macros are dummy macros which do not interfere with the execution of the original application. It's only in protection-time when Code Virtualizer will recognize those areas of code and will covert them into unique virtual opcodes, which are then emulated by a virtual machine when the protected application is running.

The following picture represents the image of an original compiled application (before being protected) and how it's transformed when it's protected by Code Virtualizer:

Figure 5: Original Application versus Protected Application

As the image shows, Code Virtualizer needs to embed the generated virtual machine at the end of the protected application in order to emulate the virtual opcodes when they are going to be executed. The size of the virtual machine can vary from 10 Kb to 30 Kb (depending on the complexity level selected), making no impact in the final size of the protected application.

Final Words

Code Virtualizer is a powerful technology that can prevent someone from inspecting your sensitive code, such as your routines that validate an entered serial key for registering your application. Also, Code Virtualizer slightly modifies the PE header of the protected application, meaning you could put a compressor or other software protector on top of Code Virtualizer with no problems.

If you are a device driver developer and felt neglected when there was no solution to protect your device drivers, Code Virtualizer offers you the same technology to do so (for either 32-bit and 64-bit drivers) in the same way as your applications and DLLs.

Try Code Virtualizer today and start inserting the latest software protection into your Win32/Win64 applications and device drivers!
These are the key features of Code Virtualizer®:

• Obfuscation through multiples Virtual Machines
• Unique protection for every protected application
• Protection of any x32 and x64 application and Device Driver
• Advanced mutation engine
• Code relocation to protect DLLs and Device Drivers
• Emulation of any Intel x86 opcode inside unique Virtual Machines
• Unique virtual opcodes for every protected application
• Full compatible with any compressor/protector
• Commａnd line protection